The Washington Post

Chinese hackers referencing PRISM to lure e-mail victims

A cyber security professional named Brandon Dixon recently discovered an e-mail scam, apparently sent by the same group responsible for the "NetTraveler" attacks sourced to Chinese hackers, with an ingeniously newsy hook.

The e-mail, which Dixon posted in full, carries the subject line "CIA's prism Watchlist," a reference to the secret U.S. data-mining program code-named PRISM. It includes some half-sensical text, filled with references to the National Security Agency and yes even The Washington Post, followed by a 2.5 megabyte attachment, "Monitored List1.doc," which is actually a spying tool that lets the e-mail sender break into your computer.

The e-mail was sent to an India-based Tibetan activist group called the Regional Tibet Youth Congress, precisely the sort of target often singled out by Chinese hackers. Its "sender" is listed as Jill Kelley, the Tampa socialite who found herself in the middle of the scandal that brought down General David Petraeus. These sorts of e-mails, a common tool of hackers, are known as "phishing scams."

There's a wonderful irony to Chinese hackers name-checking PRISM in their attacks. Chinese state media have condemned the U.S. cyber spying programs, perhaps earnestly but also clearly in part to deflect long-standing U.S. criticism of China's extensive cyber espionage, which has included infiltrating U.S institutions and stealing military and technological secrets. China's implicit defense seems to be that the United States is little better and so has no grounds to criticize.

In other words: Chinese hackers now appear to be using a U.S. spying program, which is also the basis of China's defense against U.S. criticism of their hacking, in order to do more hacking. You have to wonder if the hackers appreciate the irony.

The Freddie Gray case

Please provide a valid email address.

You’re all set!

Campaign 2016 Email Updates

Please provide a valid email address.

You’re all set!

Get Zika news by email

Please provide a valid email address.

You’re all set!
Show Comments

Sign up for email updates from the "Confronting the Caliphate" series.

You have signed up for the "Confronting the Caliphate" series.

Thank you for signing up
You'll receive e-mail when new stories are published in this series.
Most Read



Success! Check your inbox for details.

See all newsletters

Close video player
Now Playing

To keep reading, please enter your email address.

You’ll also receive from The Washington Post:
  • A free 6-week digital subscription
  • Our daily newsletter in your inbox

Please enter a valid email address

I have read and agree to the Terms of Service and Privacy Policy.

Please indicate agreement.

Thank you.

Check your inbox. We’ve sent an email explaining how to set up an account and activate your free digital subscription.